
Smau Milano 2016 - Fabio Alessandro Locati

Date post: 15-Apr-2017
Ansible Configuration Management System done right Fabio Alessandro Locati 25 October 2016

Outline

• Intro
• Automation
• Automation Options
    • Chef
    • Puppet
    • SaltStack
    • Ansible
• Ansible

Intro

About me

• IT Consultant since 2004
• Ansible user since 2013


Today’s problems

• Auditability
• Job-hopping
• Speed
• Scalability
• Horizontal scaling (IaaS "cloud")
• Expected QoS


Automation

Advantages

• Infrastructure as Code
• Code is the infrastructure documentation*
• Simplify auditability
• Infrastructures with no humans with root powers
• Easy and quick to scale out


Automation Options

Agent (pull) vs agent-less (push)

Agent: An Agent is a daemon that runs on every controlled machine and checks with the server (master) every N minutes to ensure that the host is aligned with the latest configuration version. If this is not the case, the Agent downloads the latest configuration version and applies it.

• Advantages
    • High performance during command execution
    • Connection between clients and server is client managed
• Disadvantages
    • Forces the master to be in the least secure network segment
    • Resources are used even if no changes are being applied
    • More daemons to take care of
    • Chicken and Egg problem


Idempotence

Definition: Idempotence is the property of certain operations in mathematics and computer science, that can be applied multiple times without changing the result beyond the initial application.


Chef

• Written in Ruby
• Pull mode only
• Advantages
    • Very well integrated with git
    • Rich collection of available modules
    • Easy to install
• Disadvantages
    • Code driven
    • Complex tool
    • Steep learning curve


Puppet

• Written in Ruby
• Mainly pull mode
• Advantages
    • Very large user base
    • High number of modules available
• Disadvantages
    • Steep learning curve
    • Complex to set up


SaltStack

• Written in Python
• Both push and pull mode
• Advantages
    • Very consistent use of YAML for input, output, and configs
    • Strong community
    • Highly scalable and resilient
    • Very good introspection tools
• Disadvantages
    • Very complex to set up
    • Very steep learning curve


Ansible

• Written in Python
• Mainly push mode
• Advantages
    • Infrastructure as Data (in YAML format)
    • Very gentle learning curve
    • Very simple setup
    • Balanced tool
• Disadvantages
    • Not very good introspection tools
    • Community is young


Ansible

Ansible terminology

• Host: Target of the execution
• Module: Modules can control system resources, like services, packages, or files (anything really), or handle executing system commands.
• Module library: Default set of modules that comes with the basic Ansible installation
• Task: An instance of a Module
• Role: A way to abstract a collection of tasks that has a specific role and is idempotent
• Playbook: A collection of Tasks and Roles that could be idempotent (or not)


Ansible infrastructure

+---------------------+
|     GIT Server      |
+---------------------+     .
           |                .
           |                .   +---------------------+
           V                |-->|   Controlled Host   |
+---------------------+     |   +---------------------+
| Ansible Controller  |-----|
+---------------------+     |   +---------------------+
                            |-->|   Controlled Host   |
                            .   +---------------------+
                            .
                            .

Infrastructure as Data

• Really simple to write
• Even simpler to read
• Only the bits important to you need to be written


Example of syntax

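---
- hosts: all
  become: True            # run the tasks with elevated privileges
  tasks:
    # Package is installed only if it is missing
    - name: Ensure mysql is installed
      yum:
        name: mysql
        state: present
    # Account is created only if it does not exist yet
    - name: Ensure tom user is present
      user:
        name: tom
        state: present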
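The idempotence definition and the note that a Playbook "could be idempotent (or not)" can be checked directly. The playbook below is an added example, not part of the original slides: it applies the same change twice with a shell command and twice with a state-based module, then asserts what each one reported. The scratch path in demo_file and the sample setting line are assumptions made for the demonstration.

```yaml
---
# Added example, not from the original slides. It only touches the scratch
# file named in demo_file (a hypothetical path), so it can be run repeatedly.
- hosts: localhost
  connection: local
  gather_facts: false
  vars:
    demo_file: /tmp/idempotence-demo.conf   # assumed scratch path
    setting: "PermitRootLogin no"           # constructed sample line
  tasks:
    - name: Start the first experiment from a one-line file
      ansible.builtin.copy:
        dest: "{{ demo_file }}"
        content: "# demo\n"
        mode: "0600"

    # Not idempotent: the command runs on every pass, so each application
    # appends another copy of the line and always reports "changed".
    - name: Append the setting with shell, applied twice
      ansible.builtin.shell: echo '{{ setting }}' >> '{{ demo_file }}'
      loop: [1, 2]
      register: appended

    - name: Count the copies left by the shell task
      ansible.builtin.command: grep -c -x -- '{{ setting }}' '{{ demo_file }}'
      register: shell_count
      changed_when: false     # read-only check, never a change

    - name: Reset the file for the second experiment
      ansible.builtin.copy:
        dest: "{{ demo_file }}"
        content: "# demo\n"
        mode: "0600"

    # Idempotent: the module describes the desired state, so the second
    # application finds the line already present and reports "ok".
    - name: Ensure the setting is present with lineinfile, applied twice
      ansible.builtin.lineinfile:
        path: "{{ demo_file }}"
        regexp: '^PermitRootLogin\s'
        line: "{{ setting }}"
      loop: [1, 2]
      register: ensured

    - name: Count the copies left by lineinfile
      ansible.builtin.command: grep -c -x -- '{{ setting }}' '{{ demo_file }}'
      register: module_count
      changed_when: false

    - name: Compare what the two approaches reported and produced
      ansible.builtin.assert:
        that:
          - appended.results | map(attribute='changed') | list == [true, true]
          - shell_count.stdout == "2"
          - ensured.results | map(attribute='changed') | list == [true, false]
          - module_count.stdout == "1"
```

For auditability the difference matters: a task that reports "changed" on every run hides real configuration drift in the run output, while an idempotent task reports a change only when the host actually differed from the declared state.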


Usual deployment process

• Automate a few actions with Ansible Playbooks
• Create Ansible Roles for the setup of a simple machine type
• Rollout of the first machines completely managed with Ansible
• Migration of all machines to Ansible


Additional resources

• Laboratorio ICT, 14:00 - Workshop on how to automate IT with Ansible
• Slides: https://slides.fale.io/20161025-en-ansible.pdf
• Official documentation: http://docs.ansible.com
• Videos: https://www.ansible.com/videos
• Whitepapers: https://www.ansible.com/whitepapers
• Ebooks: https://www.ansible.com/ebooks
